CVE-2026-6140

creationtimestamp| type| source ---|---|--- 2026-04-12 16:12:12+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116392613084228249 2026-04-12 16:16:35+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-6140 2026-04-13 01:30:39+00:00| seen|...

Updated spdlog packages fix security vulnerability

Spdlog patternformatter-inl.h scopedpadder resource consumption. CVE-2025-6140...

TencentOS Server 4: spdlog (TSSA-2025:0660)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0660 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2025-6140 affecting package doxygen for versions less than 1.9.8-2

CVE-2025-6140 affecting package doxygen for versions less than 1.9.8-2. A patched version of the package is available...

Security update for spdlog (moderate)

openSUSE Security Update: Security update for spdlog Announcement ID: openSUSE-SU-2025:0241-1 Rating: moderate References: 1244696 Cross-References: CVE-2025-6140 CVSS scores: CVE-2025-6140 SUSE: 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Affected Products: openSUSE...

libspdlog1_15-1.15.3-2.1 on GA media (moderate)

libspdlog115-1.15.3-2.1 on GA media Announcement ID: openSUSE-SU-2025:15297-1 Rating: moderate Cross-References: CVE-2025-6140 CVSS scores: CVE-2025-6140 SUSE : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2025-6140 SUSE : 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:...

Photon OS 5.0: Spdlog PHSA-2025-5.0-0547

An update of the spdlog package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0547. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Fedora: Security Advisory (FEDORA-2025-7d5c7fe0c7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 41 : spdlog (2025-7d5c7fe0c7)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-7d5c7fe0c7 advisory. Backported the upstream CVE-2025-6140 fix. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

CVE-2025-6140

A vulnerability, which was classified as problematic, was found in spdlog up to 1.15.1. This affects the function scopedpadder in the library include/spdlog/patternformatter-inl.h. The manipulation leads to resource consumption. It is possible to launch the attack on the local host. The exploit h...

CVE-2025-6140

A vulnerability, which was classified as problematic, was found in spdlog up to 1.15.1. This affects the function scopedpadder in the library include/spdlog/patternformatter-inl.h. The manipulation leads to resource consumption. It is possible to launch the attack on the local host. The exploit h...

CVE-2025-6140

A vulnerability, which was classified as problematic, was found in spdlog up to 1.15.1. This affects the function scopedpadder in the library include/spdlog/patternformatter-inl.h. The manipulation leads to resource consumption. It is possible to launch the attack on the local host. The exploit h...

CVE-2025-6140 spdlog pattern_formatter-inl.h scoped_padder resource consumption

A vulnerability, which was classified as problematic, was found in spdlog up to 1.15.1. This affects the function scopedpadder in the library include/spdlog/patternformatter-inl.h. The manipulation leads to resource consumption. It is possible to launch the attack on the local host. The exploit h...

CVE-2025-6140

spdlog up to 1.15.1 contains a vulnerability in the function scoped_padder (pattern_formatter-inl.h) that enables resource consumption on the local host. The issue is disclosed publicly, with upgrade to 1.15.2 addressing it (patch identifier 10320184df1eb4638e253a34b1eb44ce78954094). Affected com...

CVE-2025-6140 spdlog pattern_formatter-inl.h scoped_padder resource consumption

A vulnerability, which was classified as problematic, was found in spdlog up to 1.15.1. This affects the function scopedpadder in the library include/spdlog/patternformatter-inl.h. The manipulation leads to resource consumption. It is possible to launch the attack on the local host. The exploit h...

CVE-2025-6140

A vulnerability, which was classified as problematic, was found in spdlog up to 1.15.1. This affects the function scopedpadder in the library include/spdlog/patternformatter-inl.h. The manipulation leads to resource consumption. It is possible to launch the attack on the local host. The exploit h...

CVE-2023-6140

creationtimestamp| type| source ---|---|--- 2024-01-25 15:11:31+00:00| seen| https://t.me/ctinow/173490...

CVE-2023-6140

The Essential Real Estate WordPress plugin before 4.4.0 does not prevent users with limited privileges on the site, like subscribers, from momentarily uploading malicious PHP files disguised as ZIP archives, which may lead to remote code execution...

CVE-2023-6140 Essential Real Estate < 4.4 - Subscriber+ Arbitrary File Upload

The Essential Real Estate WordPress plugin before 4.4.0 does not prevent users with limited privileges on the site, like subscribers, from momentarily uploading malicious PHP files disguised as ZIP archives, which may lead to remote code execution...

CVE-2023-6140

The CVE affects the Essential Real Estate WordPress plugin for versions prior to 4.4.0. The vulnerability allows users with limited privileges (e.g., subscribers) to upload malicious PHP files disguised as ZIP archives, potentially leading to remote code execution. Red Hat/NVD entries and third-p...